HTML tweak puts block on web video copying

Microsoft, Google and Netflix developers have put forward proposals for in-browser technology to prevent people from illegally accessing audio and video streamed over the web, by encrypting the content seen in the web browser.

On Tuesday, the team publicised a draft proposal for an API to extend an HTML extension — HTMLMediaElement — to enable copy-protected playback of content in web browsers. The Encrypted Media Extensions v0.1 draft proposal is designed to allow rights holders to stop people viewing or sharing content inappropriately, and has been submitted to the World Wide Web Consortium (W3C) standards body.

The proposal seeks to extend the HTMLMediaElement interface in the HTML standard to support decryption for HTML content in web browsers. Under the draft proposal, licence and key exchange would be controlled through the browser. The proposal would allow developers acting in the interests of rights holders to use Javascript to select content protection mechanisms, and implement custom licence-management algorithms.

Copy protection on open-source browsers

Mozilla developer Chris Pearce asked whether the proposed standard would work for copy protection on open-source browsers. Pearce said that given the nature of open-source web development, someone could patch a browser to circumvent copy protection.

"Can you highlight how robust content protection can be implemented in an open-source webrowser [sic]?" Pearce said on a W3C mailing list. "Specifically, since the decoded video frames are stored in memory (as are audio samples) so that they can participate in the HTML rendering pipeline, how do you guard against an open source web-browser simply being patched to write the frames/samples to disk to enable (presumably illegal) redistribution of the protected content?"

Mark Watson from Netflix replied on the mailing list that copy protection for initial key and content distribution could be maintained in an open-source browser. However, open-source web browser mechanisms may not prevent redistribution of decoded content.

"There remains some utility in mechanisms which offer strong protection for the keys and decrypted, encoded, content, but lesser protection for the decoded frames," said Watson.

Watson said that open-source web browsers seeking to implement strong copy protection would have to rely on existing mechanisms in firmware and hardware.

"There exist many devices with content protection mechanisms of various sorts baked into their firmware/hardware," said Watson. "Open-source software could make use of such capabilities in just the same way as it makes use of other hardware capabilities, such a[s] graphics capabilities exposed through OpenGL."

Critical reaction

Other developers reacted more critically to the proposal.

"I believe this proposal is unethical and that we should not pursue it," Google developer Ian Hickson wrote on the W3C mailing list. "The proposal above does not provide robust content protection, so it would not address this use case even if it wasn't unethical."

Rights-holder organisations are currently engaged in a number of efforts to restrict unlicensed content distribution. The Anti-Counterfeiting Trade Agreement (ACTA), which its proponents say is an effort to harmonise intellectual property enforcement, will be examined by the European Court of Justice to see if it is compatible with data protection and freedom of expression and information laws. In the US, SOPA and PIPA have stalled after complaints by web companies.

In the UK, rights holders succeeded in a court bid to have BT block access to the Newzbin2 site, leading to Sky and TalkTalk also blocking the Usenet aggregator.